====== The right way to use iptables under Fedora Core ====== Fedora Core comes with a 2.6 kernel, which comes in turn with <color red>iptables</color>. Some other distributions require you to use your own way of loading rules on boot (for example, a script), but Fedora Core comes with an easy way to do it. Note that the way I'm going to describe is **not** compatible with the simple firewall GUI launched via: <code console> $ system-config-securitylevel </code> Both ways are mutually exclusive : you can either use the simple GUI above and don't touch <color red>iptables</color> directly, or let the GUI alone and manually use your beloved <color red>iptables</color>. This is the latter way I'm describing here. First, simply add your rules via the iptables command as you would do on any other distribution.\\ When you're done, and want to save the current rules, use this : <code console> # service iptables save </code> And you're done ! If you were wondering about the <color red>service</color> command, this is the way Red Hat distributions let you simply manipulate the <color green>/etc/init.d/</color> scripts. There's also <color red>chkconfig</color> to change runlevels at which given services will start or stop, that is, adding or removing <color green>/etc/rc?.d/</color> scripts. But this is another story ! (Probably in a later post). Now back to the <color red>service</color> command. You can replace save above with : * <color purple>status</color>, to list current rules and a couple of statistics * <color purple>panic</color>, to temporarily block all internet traffic (if you're under heavy attack, yay !) * <color purple>restart</color>, to reload previously saved settings and lose current ones * <color purple>condrestart</color>, restart only if the firewall was previously activated (that is, doesn't do anything if iptables is stopped) * <color purple>stop</color>, disable the firewall * <color purple>start</color>, huh :) ~~META:date created = 2006-08-26 08:48:00~~